72 matches found
EUVD-2010-0079
Malware in sbrugna...
EUVD-2020-4703
Malware in sbrugna...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...
DEBIAN-CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...
UBUNTU-CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...
Cross-Site Scripting (XSS)
TinyMCE is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper SVG sanitization, which allows an attacker to inject a SVG payload though an object or embed element, which results in Cross-Site Scripting...
GHSA-5359-PVF2-PW78 TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
Impact A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an object or embed element and that image could potentially contain a XSS payload. Fix TinyMCE 6.8.1 introduced a new convertunsafeembeds opti...
CVE-2024-29881 TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an object or embed element and that image could potentially contain a XSS payload. This vulnerability is...
CVE-2024-29881 TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE’s content loading and content inserting code. A SVG image could be loaded though an object or embed element and that image could potentially contain a XSS payload. This vulnerability is...
CVE-2024-29881
TinyMCE is affected by an XSS vulnerability (CVE-2024-29881) in its handling of external SVG content loaded via object/embed during content loading/insertion. The root cause is improper validation of user-supplied input via SVGs, allowing a payload to execute in the context of the hosting site. T...